###BeginCaseStudy###
Case Study: 2
City Power & Light
Scenario:
You are an enterprise desktop support technician for City Power & Light. City Power &
Light is a utility company. The company has a main office and a branch office. The main
office is located in Toronto. The branch office is located in Boston. The main office has
1,000 employees. The branch office has 10 employees.
Active Directory Configuration
The network contains a single Active Directory domain named cpandl.com. The functional
level of the forest is Windows Server 2008 R2.
Server Configuration
All servers run Windows Server 2008 R2. The relevant servers in the main office are
configured as shown in the following table.
All computers in the main office are configured to use DHCP. All computers in the branch
office are configured to use static IP addresses.
User Information
• All user accounts are standard user accounts.
• All client computers run Windows 7 Enterprise.
• Each portable computer has a PPT P-based VPN connection to the internal network.
Corporate Security Guidelines
• All users must be granted the least privileges possible.
• All locally stored documents must be encrypted by using Encrypting File System
(EFS).
• The hard disk drives on all port able computers must be encrypted by using Windows
BitLocker Drive Encryption (BitLocker).
• All encryption certificates must be stored on smart cards.
###EndCaseStudy###
Several mobile users access the Internet by using cellular connections. The help desk reports a high
volume of calls from mobile users who report the following connection problems:
• When their cellular connections fail, their VPN connections also fail.
• When their cellular connections are reestablished, they must manually connect to the VPN
server.
You need to recommend a solution to ensure that the VPN connections are automatically
reestablished. What should you recommend?
A.
Implement an IKEv2 VPN.
B.
Implement an SSTP-based VPN.
C.
Configure credential roaming.
D.
Configure a Kerberos user ticket lifetime.
Explanation:
Chapter 6 Lesson 1 p 232 – 233
Internet Key Exchange version 2 (IKEv2) support was added in Windows Server2008R2 and
Windows7 to accommodate a new VPN type that supports VPN Reconnect. VPN Reconnect refers to
the ability of a VPN connection to survive short interruptions in network connectivity, such as when
you move from one wireless access point to another, or when you switch from a wired to a wireless
network adapter. By taking advantage of features in IKEv2, even changes in IP address at the client
do not drop the VPN connection or require any user actions. As soon as connectivity to the RRAS
VPN server is restored, then the VPN tunnel is automatically reestablished.